package com.util;

import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.config.SystemGlobals;
import com.sql.DBFactory;

public class ToUrl extends HttpServlet {

	private static final long serialVersionUID = 1L;
	
	public void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		String contentType = SystemGlobals.getValue("contentType");
        String PermissionNo=request.getParameter("PermissionNo");
        response.setContentType(contentType);
        PrintWriter out=response.getWriter();
        Connection conn=null;
        Statement stmt=null;
        ResultSet rs=null;
        if(PermissionNo==null)
        {
                PermissionNo="";
        }
        String Link=request.getParameter("Link");
        if(Link==null)
        {
                Link="";
        }
        HttpSession session=request.getSession();
        String GroupNo=(String)session.getAttribute("GroupNo");
        try
        {
                conn=DBFactory.getConnection();
                stmt=conn.createStatement();
                rs=stmt.executeQuery(
                        "select * from grouppermissionlink where group_no="
                        +GroupNo+" and permission_no="+PermissionNo
                        );
                if(rs.next())
                {
                        response.sendRedirect("admin/"+Link);
                }
                else
                {
                        out.print("<font Color=red>对不起，您的权限不够或超时！</font>");
                }
        }
        catch(Exception e)
        {
                out.print(e.toString());
        }
        finally
        {
                try
                {
                        rs.close();
                        stmt.close();
                        conn.close();
                }
                catch(SQLException e)
                {

                }
        }
	}

}
